CVE-2024-28000

This exploit targets a privilege escalation vulnerability in the Litespeed Cache WordPress Plugin 6.3.0.1 by brute-forcing a hash value to gain administrator privileges and create a new admin user.

This PoC exploits a privilege escalation vulnerability in the LiteSpeed Cache WordPress plugin (CVE-2024-28000) by brute-forcing a weak security hash to gain Administrator-level access. The script uses concurrent requests to test random hash values and creates a new admin user upon success.

This repository contains a functional PoC for CVE-2024-28000, a privilege escalation vulnerability in the LiteSpeed Cache WordPress plugin. The exploit automates the detection of exposed debug.log files and leverages a hash mismatch to create an admin user.

This PoC exploits CVE-2024-28000, targeting the LiteSpeed Cache WordPress plugin. It checks for vulnerable versions and includes functionality for Google Dorking to identify potential targets.

This Go-based exploit targets CVE-2024-28000, a privilege escalation vulnerability in LiteSpeed Cache plugin versions <=6.3. It automates the creation of an administrator account by brute-forcing a hash and leveraging the plugin's flawed authentication mechanism.

This repository contains a working exploit and scanner for CVE-2024-28000, targeting a vulnerability in the LiteSpeed Cache plugin for WordPress. The exploit leverages cookie manipulation to bypass authentication and create an administrator user.